HowTo: Cloak AND Fake your Referrer

kblessinggr · Nov 23, 2009

I just posted an article on Kbeezie.com on how to cloak (ie: show a whitehat domain instead of your original blackhat domain during a redirect), and fake (flat out use a fake referrer to a destination) a referrer.

Cloaking and Faking the Referrer KBeezie

The cloaking method can be used on actual traffic since its client-sided.
The faking method is strictly PHP+cURL.

I tested the cloak in Internet Explorer (7 and 8), Safari 4, and FireFox 3, and they all report the whitehat domain instead of the blackhat during the redirection test. There is a demo link at the bottom of the first page.

DBWebDev · Nov 23, 2009

Thanks, +rep. Loved the way you commented the code, think I might actually understand half of it now.

kblessinggr · Nov 23, 2009

DBWebDev said:
Thanks, +rep. Loved the way you commented the code, think I might actually understand half of it now.

I'll likely have to go back in and change the code in a in a moment, I'll post within half an hour when done (basically the if blocks would cause the next if block to be true and so on before the script has completed).

kblessinggr · Nov 23, 2009

I updated the first page with a couple of elseif to prevent progression to the next conditional if the first one was true in the same execution.

erect · Nov 23, 2009

Relying on cookies AND javascript sounds very risky.

kblessinggr · Nov 23, 2009

erect said:
Relying on cookies AND javascript sounds very risky.

Doing something illicit in the first place sounds risky. Besides not like you could do it purely meta refresh only, since only Safari would work that way but not IE/FF.

In other words... there's one method, if you know a better way to do it clientside on a browser without using javascript or cookies (and without using sessions to avoid performance hit), then feel free to share it.

Victory · Dec 1, 2009

erect said:
Relying on cookies AND javascript sounds very risky.

Not that i am into cookie stuffing, but if the client is not accepting cookies than you probably won't be getting credited anyways matter what, in which case you might as well send them off to a squeeze page.

kblessinggr · Dec 1, 2009

Victory said:
Not that i am into cookie stuffing, but if the client is not accepting cookies than you probably won't be getting credited anyways matter what, in which case you might as well send them off to a squeeze page.

Good point, since a good deal of referrals are credited by cookies.

mattseh · Dec 8, 2009

+megarep

damonji · Dec 8, 2009

that is really nice thing

Search

Search

HowTo: Cloak AND Fake your Referrer

kblessinggr

PedoBeard

DBWebDev

$0.50/week

kblessinggr

PedoBeard

kblessinggr

PedoBeard

erect

New member

kblessinggr

PedoBeard

Victory

Space Between Posts

kblessinggr

PedoBeard

mattseh

import this

damonji

New member